]> CyberLeo.Net >> Repos - FreeBSD/releng/10.0.git/blob - contrib/ipfilter/rules/server
projects / FreeBSD / releng / 10.0.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
- Copy stable/10 (r259064) to releng/10.0 as part of the
[FreeBSD/releng/10.0.git] / contrib / ipfilter / rules / server
1 #
2 # For a network server, which has two interfaces, 128.1.40.1 (le0) and
3 # 128.1.2.1 (le1), we want to block all IP spoofing attacks.  le1 is
4 # connected to the majority of the network, whilst le0 is connected to a
5 # leaf subnet.  We're not concerned about filtering individual services
6 # or
7 #
8 pass in quick on le0 from 128.1.40.0/24 to any
9 block in log quick on le0 from any to any
10 block in log quick on le1 from 128.1.1.0/24 to any
11 pass in quick on le1 from any to any
10.0-RELEASE